Thursday, October 27, 2016

Australia e-census attack 'incorrectly' attributed to Singapore-based router: CSA

Posted 25 Oct 2016 19:54 Updated 25 Oct 2016 20:00

SINGAPORE: The Cyber Security Agency of Singapore (CSA) on Tuesday (Oct 25) refuted reports that cyber attacks which shut down a national census in Australia were launched through a router based in Singapore.

In a statement, the CSA said that it was "surprised at media reports on IBM Australia’s assertions that the majority of international traffic which caused the crash of the Australian Bureau of Statistics (ABS) Census website originated from Singapore."

International Business Machines Corp (IBM) was the lead contractor for the five-yearly Aug 9 household survey by the ABS, which went offline that day after four distributed denial of service (DDoS) attacks, caused by the website being flooded with clicks.

At a Senate inquiry into the matter, IBM Australia and New Zealand managing director Kerry Purcell said that the attacks were launched through a router in Singapore. He blamed Australian ISP Vocus Communications, a subcontractor of Nextgen Networks, for failing to shut it down.

Singapore's CSA questioned IBM's assertion in its statement. "For matters of such nature, it is usual practice for national Computer Emergency Readiness Teams (CERTs) to make inquiries and seek assistance from one another," the agency said.

"In this instance, our SingCERT was not informed of any such attack by CERT Australia. We were also not approached at any point. As such, it is strange that IBM Australia reached such a conclusion."

The agency added that it has contacted CERT Australia for more information, and that it was ready to assist the Australian authorities where required. "According to CERT Australia, some internal ABS infrastructure was hosted in Singapore. There may have been possible misunderstanding in the news reporting of this issue, which incorrectly attributed the DDoS attack source to Singapore."

IBM said on Tuesday that it plans to compensate the Australian government for the "malicious" cyber-attacks.

The breach embarrassed a government which has sought to impress voters with its cybersecurity credentials and plans to trial online elections. The census is already controversial because of privacy concerns.

In a written submission to the inquiry, IBM said its preferred anti-DDoS measure, which it calls "Island Australia", involves "geoblocking", or getting the company's ISPs to shut down offshore traffic coming into the country.

In a written submission to the inquiry, Nextgen said IBM told it about "Island Australia" six days before the census website went live in July, and that IBM declared a test of the strategy four days before the census a success.

It said Nextgen followed IBM's instructions, but noted that IBM rejected Nextgen's offer of additional anti-DDoS detection measures.

Vocus said in a submission that it told Nextgen the week before the census that it "did not provide geoblocking" and that "Vocus was in fact requested to disable its DDoS protection product covering the e-Census IP space".

It did not specify who gave that instruction.

ABS chief statistician David Kalisch said he was confident IBM could deliver on its A$10 million ($7.63 million) contract based on "the comments and exhortations that IBM had made to the ABS about the importance of this work" beforehand.

- CNA/Reuters/nc

- wong chee tat :)
